CVE-2022-23813

The software interfaces to ASP and SMU may not enforce the SNP memory security policy resulting in a potential loss of integrity of guest memory in a confidential compute environment.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:amd:milanpi-sp3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:milanpi-sp3:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:amd:romepi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:amd:romepi:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:49

Type Values Removed Values Added
References () https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 - Vendor Advisory () https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 - Vendor Advisory
Summary
  • (es) Es posible que las interfaces de software con ASP y SMU no apliquen la política de seguridad de memoria SNP, lo que resulta en una posible pérdida de integridad de la memoria invitada en un entorno informático confidencial.

Information

Published : 2023-01-11 08:15

Updated : 2025-04-09 15:15


NVD link : CVE-2022-23813

Mitre link : CVE-2022-23813

CVE.ORG link : CVE-2022-23813


JSON object : View

Products Affected

amd

  • romepi_firmware
  • milanpi-sp3_firmware
  • milanpi-sp3
  • romepi
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer